<?php
/**********************************************************
  eCode Marketing System
  Version 0.1
  Delete Offer Handler (/admin/handler.offer_delete.php)
**********************************************************/

// Load the site configuration. FROMSCRIPT is defined before the require so the
// constant already exists while config.php runs (presumably config.php checks it
// to refuse direct requests; confirm in config.php).
define('FROMSCRIPT', true);
require dirname(__FILE__) . '/../config.php';

// Open or resume the PHP session that carries the admin login marker.
session_start();

/* Authentication gate: a request without a 'login_t' session entry is sent to
   the login page. The exit right after the redirect header is what keeps the
   delete logic below from running for an unauthenticated client, so the two
   must stay together.
   NOTE(review): only the presence of 'login_t' is tested here, not its value
   or age; confirm that the login page is the only writer of that key. */
if (isset($_SESSION['login_t']) === false) {
	header('Location: /admin/login.php');
	exit;
}

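$pagetitle = "Delete Offer (Admin)";
// A space was added before "Administration" so the breadcrumb reads the same as the footer link below.
$pageheading = "<a href=\"/admin/index.php\">" . SITE_NAME . " Administration</a> &gt; Delete Offer";
$page_content = "<hr />\n";

/* Request parameters are untrusted. An ID is accepted only when it is a plain
   string of ASCII digits; anything else (missing, array, signed, decimal,
   exponent notation, padded with whitespace) becomes null. is_numeric() accepts
   several of those forms, and the raw value was previously echoed into the page
   and concatenated into SQL. A digits-only string is safe in both contexts.
   NOTE(review): the $db API is not visible in this file, so no prepared-statement
   call is assumed here; switch to bound parameters if the wrapper offers them. */
$valid_cid = (isset($_GET['cid']) && is_string($_GET['cid']) && preg_match('/\A[0-9]+\z/', $_GET['cid'])) ? $_GET['cid'] : null;
$valid_oid = (isset($_GET['oid']) && is_string($_GET['oid']) && preg_match('/\A[0-9]+\z/', $_GET['oid'])) ? $_GET['oid'] : null;

// Each row is fetched once, in the branch that tests for its existence, and reused below.
$campaign = null;
$offer = null;

if($valid_cid === null) {
	// No campaign to delete offer from
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: No campaign was selected for deletion of an offer. To select an offer for deletion, use its respective \"Delete\" icon on the List Offers page.</div>\n";
} else if($valid_oid === null) {
	// No offer to delete within campaign
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: No offer was selected for deletion. To select an offer for deletion, use its respective \"Delete\" icon on the List Offers page.</div>\n";
} else if (!($campaign = $db->get_row("SELECT * FROM `" . DB_TBL_PREFIX . "campaigns` WHERE `campaign_id` = '" . $valid_cid . "'"))) {
	// Non-existent campaign
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: The campaign selected does not exist. Select an offer for deletion by using its respective \"Delete\" icon on the List Offers page.</div>\n";
} else if (!($offer = $db->get_row("SELECT * FROM `" . DB_TBL_PREFIX . "offers` WHERE `offer_id` = '" . $valid_oid . "'"))) {
	/* Offer does not exist.
	   NOTE(review): the lookup is keyed on offer_id alone, so nothing here
	   verifies that the offer belongs to the campaign named by cid. The cache
	   file name and the success message below use whichever campaign was passed.
	   Constrain the lookup and the DELETE to the campaign if the offers table
	   records it; confirm against the schema. */
	$page_content .= "<div id=\"error-box\"><span class=\"error\">ERROR</span>: The offer selected does not exist. Select an offer for deletion by using its respective \"Delete\" icon on the List Offers page.</div>\n";
} else {
	// Strict comparison: only the literal value "1" produced by the confirmation link counts.
	if(!isset($_GET['confirm']) || $_GET['confirm'] !== '1') {
		// Confirm deletion
		$page_content .= "<p>Are you sure you want to delete offer ID " . $valid_oid . "?</p>\n";
		$page_content .= "<p><a href=\"handler.offer_delete.php?cid=" . $valid_cid . "&amp;oid=" . $valid_oid . "&amp;confirm=1\">Yes, delete it.</a></p>\n";
		$page_content .= "<p><a href=\"list_offers.php?cid=" . $valid_cid . "\">No, do not delete it.</a></p>\n";
	} else {
		/* Offer deletion confirmed, perform delete.
		   NOTE(review): the delete is triggered by a GET request carrying only
		   confirm=1; no per-session anti-CSRF token and no POST requirement are
		   visible in this file. Consider moving the confirmation to a POST form
		   with a session-bound token.
		   NOTE(review): $deloffer is never inspected, so success is reported even
		   if the query failed; check it per $db's return convention. */
		$deloffer = $db->query("DELETE FROM `" . DB_TBL_PREFIX . "offers` WHERE `offer_id` = '" . $valid_oid . "'");

		// The cache file name is built from the database rows, not from request parameters.
		$fname = CACHE_DIR . "/" . $campaign->campaign_id . "_" . $offer->offer_id . ".png";
		if(file_exists($fname)) {
			unlink($fname);
		}

		// campaign_name is stored data; escape it before placing it in HTML.
		$page_content .= "<div id=\"success-box\">Offer ID " . $valid_oid . " in the '" . htmlspecialchars($campaign->campaign_name, ENT_QUOTES) . "' campaign was deleted successfully.</div>";
	}
}

// This link is emitted on every path, including the error paths, so only the validated cid (or nothing) is echoed.
$page_content .= "<p class=\"centered\"><a href=\"/admin/list_offers.php?cid=" . ($valid_cid === null ? "" : $valid_cid) . "\">Back</a> to Offer List</p>\n";
$page_content .= "<hr />\n";
$page_content .= "<p><a href=\"/admin/index.php\">Back</a> to " . SITE_NAME . " Administration</p>\n";

// Get template (it renders $pagetitle, $pageheading and $page_content; confirm in the template file)
require(TEMPLATE_DIR . "/index.php");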
?>
